isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add event_alloc to the audit plugin API.

Browse Source 
The sudoers audit plugin will use this to communicate with sudo_logsrvd.
This commit is contained in:
Todd C. Miller
2020-11-02 15:28:21 -07:00
parent ad40241703
commit fe9e65754c
6 changed files with 93 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
doc/sudo_plugin.man.in
View File

@@ -16,7 +16,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" .\"
.TH "SUDO_PLUGIN" "5" "August 31, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .TH "SUDO_PLUGIN" "5" "November 2, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
.nh .nh
.if n .ad l .if n .ad l
.SH "NAME" .SH "NAME"
@@ -2746,6 +2746,7 @@ struct audit_plugin {
int (*register_hook)(struct sudo_hook *hook)); int (*register_hook)(struct sudo_hook *hook));
void (*deregister_hooks)(int version, void (*deregister_hooks)(int version,
int (*deregister_hook)(struct sudo_hook *hook)); int (*deregister_hook)(struct sudo_hook *hook));
struct sudo_plugin_event * (*event_alloc)(void);
} }
.RE .RE
.fi .fi
@@ -3354,6 +3355,44 @@ See the
\fIPolicy plugin API\fR \fIPolicy plugin API\fR
section for a description of section for a description of
\fRderegister_hooks\fR. \fRderegister_hooks\fR.
.TP 6n
event_alloc
.nf
.RS 6n
struct sudo_plugin_event * (*event_alloc)(void);
.RE
.fi
.RS 6n
.sp
The
\fBevent_alloc\fR()
function is used to allocate a
\fRstruct sudo_plugin_event\fR
which provides access to the main
\fBsudo\fR
event loop.
Unlike the other fields, the
\fBevent_alloc\fR()
pointer is filled in by the
\fBsudo\fR
front end, not by the plugin.
.sp
See the
\fIEvent API\fR
section below for more information
about events.
.sp
NOTE: the
\fBevent_alloc\fR()
function is only available starting
with API version 1.17.
If the
\fBsudo\fR
front end doesn't support API
version 1.17 or higher,
\fBevent_alloc\fR()
will not be set.
.RE
.SS "Approval plugin API" .SS "Approval plugin API"
.nf .nf
.RS 0n .RS 0n
@@ -5062,6 +5101,11 @@ and
enties were added to the enties were added to the
\fRsettings\fR \fRsettings\fR
list. list.
.TP 6n
Version 1.17 (sudo 1.9.4)
The
\fIevent_alloc\fR
field was added to the audit_plugin and approval_plugin structs.
.SH "SEE ALSO" .SH "SEE ALSO"
sudo.conf(@mansectform@), sudo.conf(@mansectform@),
sudoers(@mansectform@), sudoers(@mansectform@),

40
doc/sudo_plugin.mdoc.in
View File

@@ -15,7 +15,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" .\"
.Dd August 31, 2020 .Dd November 2, 2020
.Dt SUDO_PLUGIN @mansectform@ .Dt SUDO_PLUGIN @mansectform@
.Os Sudo @PACKAGE_VERSION@ .Os Sudo @PACKAGE_VERSION@
.Sh NAME .Sh NAME
@@ -2446,6 +2446,7 @@ struct audit_plugin {
int (*register_hook)(struct sudo_hook *hook)); int (*register_hook)(struct sudo_hook *hook));
void (*deregister_hooks)(int version, void (*deregister_hooks)(int version,
int (*deregister_hook)(struct sudo_hook *hook)); int (*deregister_hook)(struct sudo_hook *hook));
struct sudo_plugin_event * (*event_alloc)(void);
} }
.Ed .Ed
.Pp .Pp
@@ -2985,6 +2986,39 @@ See the
.Sx Policy plugin API .Sx Policy plugin API
section for a description of section for a description of
.Li deregister_hooks . .Li deregister_hooks .
.It event_alloc
.Bd -literal -compact
struct sudo_plugin_event * (*event_alloc)(void);
.Ed
.Pp
The
.Fn event_alloc
function is used to allocate a
.Li struct sudo_plugin_event
which provides access to the main
.Nm sudo
event loop.
Unlike the other fields, the
.Fn event_alloc
pointer is filled in by the
.Nm sudo
front end, not by the plugin.
.Pp
See the
.Sx Event API
section below for more information
about events.
.Pp
NOTE: the
.Fn event_alloc
function is only available starting
with API version 1.17.
If the
.Nm sudo
front end doesn't support API
version 1.17 or higher,
.Fn event_alloc
will not be set.
.El .El
.Ss Approval plugin API .Ss Approval plugin API
.Bd -literal .Bd -literal
@@ -4474,6 +4508,10 @@ and
enties were added to the enties were added to the
.Li settings .Li settings
list. list.
.It Version 1.17 (sudo 1.9.4)
The
.Em event_alloc
field was added to the audit_plugin and approval_plugin structs.
.El .El
.Sh SEE ALSO .Sh SEE ALSO
.Xr sudo.conf @mansectform@ , .Xr sudo.conf @mansectform@ ,

3
include/sudo_plugin.h
View File

@@ -21,7 +21,7 @@
/* API version major/minor */ /* API version major/minor */
#define SUDO_API_VERSION_MAJOR 1 #define SUDO_API_VERSION_MAJOR 1
#define SUDO_API_VERSION_MINOR 16 #define SUDO_API_VERSION_MINOR 17
#define SUDO_API_MKVERSION(x, y) (((x) << 16) | (y)) #define SUDO_API_MKVERSION(x, y) (((x) << 16) | (y))
#define SUDO_API_VERSION SUDO_API_MKVERSION(SUDO_API_VERSION_MAJOR, SUDO_API_VERSION_MINOR) #define SUDO_API_VERSION SUDO_API_MKVERSION(SUDO_API_VERSION_MAJOR, SUDO_API_VERSION_MINOR)
@@ -240,6 +240,7 @@ struct audit_plugin {
int (*show_version)(int verbose); int (*show_version)(int verbose);
void (*register_hooks)(int version, int (*register_hook)(struct sudo_hook *hook)); void (*register_hooks)(int version, int (*register_hook)(struct sudo_hook *hook));
void (*deregister_hooks)(int version, int (*deregister_hook)(struct sudo_hook *hook)); void (*deregister_hooks)(int version, int (*deregister_hook)(struct sudo_hook *hook));
struct sudo_plugin_event * (*event_alloc)(void);
}; };
/* Approval plugin type and defines */ /* Approval plugin type and defines */

4
plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stdout vendored
View File

@@ -26,7 +26,7 @@
"INFO1=VALUE1", "INFO1=VALUE1",
"info2=value2" "info2=value2"
\], \],
"version": "1.16" "version": "1.17"
} }
(APPROVAL 2) Constructed: (APPROVAL 2) Constructed:
{ {
@@ -56,7 +56,7 @@
"INFO1=VALUE1", "INFO1=VALUE1",
"info2=value2" "info2=value2"
\], \],
"version": "1.16" "version": "1.17"
} }
(APPROVAL 1) Show version was called with arguments: (0,) (APPROVAL 1) Show version was called with arguments: (0,)
Python approval plugin (API 1.0): ApprovalTestPlugin (loaded from 'SRC_DIR/regress/plugin_approval_test.py') Python approval plugin (API 1.0): ApprovalTestPlugin (loaded from 'SRC_DIR/regress/plugin_approval_test.py')

2
src/exec.c
View File

@@ -309,7 +309,7 @@ sudo_terminated(struct command_status *cstat)
debug_return_bool(false); debug_return_bool(false);
} }
#if SUDO_API_VERSION != SUDO_API_MKVERSION(1, 16) #if SUDO_API_VERSION != SUDO_API_MKVERSION(1, 17)
# error "Update sudo_needs_pty() after changing the plugin API" # error "Update sudo_needs_pty() after changing the plugin API"
#endif #endif
static bool static bool

4
src/load_plugins.c
View File

@@ -430,6 +430,10 @@ sudo_init_event_alloc(void)
if (container->u.io->version >= SUDO_API_MKVERSION(1, 15)) if (container->u.io->version >= SUDO_API_MKVERSION(1, 15))
container->u.io->event_alloc = sudo_plugin_event_alloc; container->u.io->event_alloc = sudo_plugin_event_alloc;
} }
TAILQ_FOREACH(container, &audit_plugins, entries) {
if (container->u.audit->version >= SUDO_API_MKVERSION(1, 17))
container->u.audit->event_alloc = sudo_plugin_event_alloc;
}
debug_return; debug_return;
} }